PACT: Private Automated Contact Tracing

A Greater Boston RIG project

The PACT (Private Automated Contact Tracing) protocol is a simple, decentralized approach to using smartphones for contact tracing based on Bluetooth proximity. Users of this scheme do not reveal anything about themselves, unless they volunteer to do so. In particular, users can volunteer to donate their private data to a (trusted) health authority, who can then use this data to further control the spread of the virus, but this is discretionary to the users.

Security, Privacy Cryptography

Enterprise IT is not structured to have the time and money to invest in far-reaching and forward-looking security threats and solutions. Academic and government research in these areas thrive, but does not easily find its way into industry. Red Hat’s open source approach allows researchers to share their work immediately and have it reviewed by thousands of security experts. This review further hardens the work and allows it to be put to use more quickly and more broadly so research and inventions in cryptography, privacy and cybersecurity have immediate impact.

Projects

ProjectSummaryResearch AreaRIGUniversitiesrig_hfilterpartner_university_hfilter
PACT: Private Automated Contact Tracinggreater-bostonboston-university
OpenInfra LabsOpenInfra Labs is an OpenStack Foundation project connecting open source projects to production to advance …, , , , , , boston-university northeastern-university umass-amherst
Elastic Secure InfrastructureThis project encompasses work in several areas to design, build and evaluate secure bare-metal elastic infrastructure for data centers., , greater-bostonboston-university
Open Cloud TestbedThe Open Cloud Testbed project will build and support a testbed for research and experimentation into new cloud platforms – the underlying software which provides cloud services to applications. Testbeds such as OCT are critical for enabling research into new cloud technologies – research that requires experiments which potentially change …, , , , , , greater-bostonboston-university northeastern-university umass-amherst
Implementing Secure Multi-Party ComputingSecure Multiparty Computation (MPC) is a cryptographic primitive that allows several parties to jointly and privately compute desired functions over secret data. Building and deploying practical MPC applications faces several obstacles, including performance overhead, complicated deployment and setup procedures, and adoption of MPC protocols into modern software stacks. MPC applications …, greater-bostonboston-university
Usable Security for DevelopersThis project focuses on the cryptographic APIs with respect to their developer usability. Such APIs are notoriously complex and prone to usage errors – our goal is to analyze their (in)correct usage and propose precautions and guidelines to achieve better usability and security.brnomasaryk-university
Fuzzing Device Emulation in QEMUHypervisors—the software that allows a computer to simulate multiple virtual computers—form the backbone of cloud computing. Because they are both ubiquitous and essential, they are security-critical applications that make attractive targets for potential attackers., , greater-bostonboston-university
FPGAs in Large-Scale Computer SystemsWe will highlight many ways to deploy FPGAs in a data center node, such as traditional back-end accelerators, tightly coupled off-load processors, Smart NICs, Bump-in-the-Wire, MPC accelerators and even FPGAs in the router itself. We will also discuss our efforts to make these devices accessible globally accessible, through deeper integration …, , greater-bostonboston-university